c0t0d0s0https://blogs.oracle.com/c0t0d0s0/
A Blog about Solaris and stuffen-usCopyright 2014Wed, 28 May 2014 13:09:04 +0000Apache Roller BLOGS401ORA6 (20130904125427)https://blogs.oracle.com/c0t0d0s0/entry/solaris_11_2_time_basedSolaris 11.2: Time based access limitationsuser13366125https://blogs.oracle.com/c0t0d0s0/entry/solaris_11_2_time_based
Wed, 28 May 2014 13:09:04 +0000Solaris
<p>Let's assume you want to limit ssh login for user junior to a certain timespan, let's say weekdays between 13:10 and 17:00. With Solaris 11.2 it's really easy to limit access to certain services based on times.</p>
<p><a href="http://www.c0t0d0s0.org/archives/7718-Solaris-11.2-Time-based-access-limitations.html">(more)</a></p>
https://blogs.oracle.com/c0t0d0s0/entry/new_solaris_11_2_betaNew Solaris 11.2 beta features: SMF stencilsuser13366125https://blogs.oracle.com/c0t0d0s0/entry/new_solaris_11_2_beta
Sun, 25 May 2014 22:04:12 +0000Solaris11.2smfsolaris
<p>As much as there is often a lot discussion about configuration items inside the SMF repository (like the hostname), it brings an important advantage: It introduces the concept of dependencies to configuration changes. What services have be restarted when i change a configuration item. Do you remember all the services that are dependent on the hostname and need a restart after changing it? SMF solves this by putting the information about dependencies into it configuration. You define it with the manifests. </p>
<p>However, as much configuration you may put into SMF, most applications still insists to get it's configuration inside the traditional configuration files, like the resolv.conf for the resolver or the puppet.conf for Puppet. So you need a way to take the information out of the SMF repository and generate a config file with it. In the past the way to do so, was some scripting inside the start method that generated the config file before the service started. </p>
<p>Solaris 11.2 offers a new feature in this area. It introduces a generic method to enable you to create config files from SMF properties. It's called SMF stencils.</p>
<p><a href="https://www.c0t0d0s0.org/archives/7715-New-Solaris-11.2-features-SMF-stencils.html">(read more)</a></p>
https://blogs.oracle.com/c0t0d0s0/entry/a_glimpse_into_solaris_11A glimpse into Solaris 11.2 specific Puppet componentsuser13366125https://blogs.oracle.com/c0t0d0s0/entry/a_glimpse_into_solaris_11
Sat, 24 May 2014 11:07:01 +0000Solaris
<p>Now you have a working Puppet testbed in your Solaris 11.2 beta installation it's time to try some Solaris specific stuff. Oracle a number of additional stuff in order to control Solaris specifics like boot environments, VNICs or SMF. You can find the respective code at java.net.</p>
<p><a href="http://www.c0t0d0s0.org/archives/7711-A-glimpse-into-Solaris-11.2-specific-Puppet-components.html">(more)</a></p>
https://blogs.oracle.com/c0t0d0s0/entry/basic_puppet_installation_with_solarisBasic Puppet installation with Solaris 11.2 betauser13366125https://blogs.oracle.com/c0t0d0s0/entry/basic_puppet_installation_with_solaris
Sat, 24 May 2014 11:05:28 +0000Solaris
<p>At the recent announcement we talked a lot about the Puppet integration. But how do you set it up? I want to show this in this blog entry.</p>
<p>However this example i'm using is even useful in practice. Due to the extremely low overhead of zones i'm frequently seeing really large numbers of zones on a single system. Changing /etc/hosts or changing an SMF service property on 3 systems is not that hard. Doing it on a system with 500 zones is ... let say it diplomatic ... a job you give to someone you want to punish. </p>
<p>Puppet can help in this case making of managing the configuration and to ease the distribution. You describe the changes you want to make in a file or set of file called manifest in the Puppet world and then roll them out to your servers, no matter if they are virtual or physical. A warning at first: Puppet is a really,really vast topic. This article is really basic and it doesn't goes more than just even toe's deep into the possibilities and capabilities of Puppet. It doesn't try to explain Puppet ... just how you get it up and running and do basic tests. There are many good books on Puppet. Please read one of them, and the concepts and the example will get much clearer immediately. </p>
<p><a href="http://www.c0t0d0s0.org/archives/7709-Basic-Puppet-installation-with-Solaris-11.2-beta.html">(more)</a></p>
https://blogs.oracle.com/c0t0d0s0/entry/less_known_solaris_features_synchronousLess known Solaris features: synchronous svcadmuser13366125https://blogs.oracle.com/c0t0d0s0/entry/less_known_solaris_features_synchronous
Sat, 24 May 2014 11:04:15 +0000Solaris
<p>Sometimes small options are really useful. When you enable a service, for example the Apache HTTPD, you enter svcadm enable apache22. This command immediately return. There is no direct feedback at the command return, if the service has started. So you often see people doing something like that.</p>
<p><a href="http://www.c0t0d0s0.org/archives/7705-Less-known-Solaris-features-synchronous-svcadm.html">(more)</a></p>
https://blogs.oracle.com/c0t0d0s0/entry/less_known_solaris_features_pwaitLess known Solaris features: pwaituser13366125https://blogs.oracle.com/c0t0d0s0/entry/less_known_solaris_features_pwait
Sat, 24 May 2014 11:01:40 +0000Solaris
<p>This is a nifty small tool that i'm using quite often in scripts that stop something and do some tasks afterwards and i don't want to hassle around with the contract file system. It's not a cool feature, but it's useful and relatively less known. An example: As i wrote long ago, you should never use <code>kill -9</code> because often the normal kill is intercepted by the application and it starts to do some clean up tasks first before really stopping the process. So just because <code>kill</code> has returned, it doesn't imply that the process is away. How do you wait for process to disappear?</p>
<p><a href="http://www.c0t0d0s0.org/archives/7704-Less-known-Solaris-features-pwait.html#extended">(more)</a></p>
https://blogs.oracle.com/c0t0d0s0/entry/less_known_solaris_features_ptimeLess known Solaris features: ptimeuser13366125https://blogs.oracle.com/c0t0d0s0/entry/less_known_solaris_features_ptime
Sat, 24 May 2014 11:00:39 +0000Solaris
<p>Long time readers of my blog know that i'm preferring <code>prstat</code> over <code>top</code> at any time. The micro state accounting in prstat gives you a much deeper insight. Using a tool not capable to use microstate accounting is like looking a video in 240p instead of 4k ultra hd (to stay at this: dtrace is like 8k ;) ). prstat is doing a really useful job in telling you what's happening at the moment in a processes.</p>
<p>However sometimes it's interesting to know, what happened in the past since the startup of the process. And there is a tool that is doing this. With <code>ptimes -m</code> you can lookup the information of the micro state accounting since the creation of the process.</p>
<p><a href="http://www.c0t0d0s0.org/archives/7703-Less-known-Solaris-features-ptime.html">(more)</a></p>